• DocumentCode
    3104645
  • Title

    The SRI IDES statistical anomaly detector

  • Author

    Javitz, Harold S. ; Valdes, Alfonso

  • Author_Institution
    SRI Int., Menlo Park, CA, USA
  • fYear
    1991
  • fDate
    20-22 May 1991
  • Firstpage
    316
  • Lastpage
    326
  • Abstract
    SRI International's real-time intrusion-detection expert system (IDES) contains a statistical subsystem that observes behavior on a monitored computer system and adaptively learns what is normal for individual users and groups of users. The statistical subsystem also monitors observed behavior and identifies behavior as a potential intrusion (or misuse by authorized users) if it deviates significantly from expected behavior. The multivariate methods used to profile normal behavior and identify deviations from expected behavior are explained in detail. The statistical test for abnormality contains a number of parameters that must be initialized and the substantive issues relating to setting those parameter values are discussed.
  • Keywords
    adaptive systems; expert systems; learning systems; real-time systems; security of data; IDES; SRI; adaptively learns; authorized users; monitored computer system; real-time intrusion-detection expert system; statistical anomaly detector; Aging; Computerized monitoring; Condition monitoring; Detectors; Expert systems; Frequency; Intrusion detection; Real time systems; Statistics; System testing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Research in Security and Privacy, 1991. Proceedings., 1991 IEEE Computer Society Symposium on
  • Conference_Location
    Oakland, CA
  • Print_ISBN
    0-8186-2168-0
  • Type

    conf

  • DOI
    10.1109/RISP.1991.130799
  • Filename
    130799